SQLbit – Just Another Script For Automatize Boolean-Based Blind SQL Injections

AVvXsEhal rocrpyas0V uVrYasq POWPyhG1keoyCHuD6Ssn3B eBi eXoOcDAZwOfwvWhMkaDDfOgg wRAE3EDksBJ459uyDPoSibweg8pyY8 fN74E7m6YplhS9ZzY1 YjFppU2I mqyHoyrkGlDxW 9hweyDIZjIhcLYOOcwckFLIbxO7Fnq j97mrn28A=w640 h384

A script for automatize boolean-based blind SQL injections.
Works with SQLite at least, supports using cookies.
It uses bitwise comparisons with multithreading to find cell values instead of binary search, which is more efficient.

It’s able to:

  • Search cell values by columns in a table
  • Search characters count in a cells by columns in a table
  • Search rows count in a table

The search algorithm is shown below.
Knowing the name of its column (‘sqlite_master’ by default in sqlite, for example) and the column name of it (‘name’ in sqlite) you can find values ​​of every cell in every row. And the fastest algorithm for this is checking the binary values of every character in every cell, which can be perform using multiple threads. Considering this, we can send only 7 requests to get the standard 7-bit letter, and using 1000 threads, we get ~142 letters per moment (it’s also worth keeping in mind requests to get the length of a cell value).

AVvXsEhQGE6EO93XcxBLLJZAVDVx47rJeF5djblHf5nu0aecFJGm8vkZAoxrEpg8ozK2E8QHyzk2Kf5iBnlhE7YOAgnTE2stbtrC7CUcOk 1iAVl6Ht2xU bqkCd122ANMC xSre2 KvQ5EViCaWGttSBqiIRfJvagGOUvHniSCGWNXeyVyVnB4a7QEEjJ RIA=w640 h374

 

The number of bits need to compare (7 by default for ASCII) and the number of threads can be specified as input data.

Installing

git clone https://github.com/Sunlight-Rim/sqlbit.git
pip3 install -r requirements.txt

Usage

It does not accept command line arguments, so you can specify data in the config file or at runtime program.

python sqlbit.py

AVvXsEhal rocrpyas0V uVrYasq POWPyhG1keoyCHuD6Ssn3B eBi eXoOcDAZwOfwvWhMkaDDfOgg wRAE3EDksBJ459uyDPoSibweg8pyY8 fN74E7m6YplhS9ZzY1 YjFppU2I mqyHoyrkGlDxW 9hweyDIZjIhcLYOOcwckFLIbxO7Fnq j97mrn28A=w640 h384

 

Note: please, use it only for your own servers or for the servers of those owners with whom you have agreed in advance.

click here to read full Article

Read More on Pentesting Tools

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *